The H-Files: G-Men Learn to Hack

Share

The H-Files: G-Men Learn to Hack

They may not have the panache of James Bond, or the tough-guy demeanor of Elliott Ness, but a crop of new agents at the FBI, the US Marshal's Office, and the Secret Service now has a set of skills uncommon for G-men: They can track and snare hackers.

Training programs that started last summer are starting to yield the first of a new breed of information cops, says G. R. "Bob" Wynn, a computer security expert who has been teaching agents the nuts and bolts of hacking at training centers in Atlanta and Quantico, Virginia. Wynn, former director of computer security for Bell South, trains 15 to 20 agents a month, some of whom never so much as clicked a mouse before entering the course.

"There are people with a whole range of computer skills in the classes I teach," Wynn says. "We have people who have never signed on to a computer. There are others who don't know what hackers can do or are doing. But I try to take the technology and put it into everyday language."

The FBI and Secret Service first take the agents on a tour of the Web, showing them where hackers hang out, which chat groups they frequent, and even subscribing them to the hacker magazine, 2600, which offers tricks of the trade. The info cops also learn such hacking skills as gaining network access through computer ports and disabling networks.

The training is somewhat revolutionary for the staid bureaucrats in federal law enforcement, where until recently the reaction to computer crime was "who cares?" "They didn't take it seriously," Wynn says.

But the rising toll that hacking is taking on corporate networks has started to change the government's mind. The Washington, DC-based American Society for Industrial Security says two-thirds of costs to companies incurred because of hackers involve strategic plans, research and development data, and manufacturing processes.

Many companies have grown wary of hiring former hackers, for fear that they might use their skills on the employer once they leave, says David Kennedy, director of research, education, and consulting at the National Computer Security Association. Companies are looking into hiring former policemen or MPs to handle computer security, and providing them with computer training as a way to avoid bad hires.

"These people don't even have to be computer experts anymore to hack," Wynn says, estimating that the government needs to train hundreds of agents each year as info cops just to keep pace with hackers. "The tools and how-to courses are all there online. The image of the innocent kid trespassing online is fading. This is the only group of criminals that has their own convention." The biggest fear the government has is of a so-called electronic Pearl Harbor, where hackers employed by a foreign country, like Iraq or Libya, bring down US networks.

"The mentality of the government is changing, and they're starting to take this seriously," Wynn says.